Plug-ins are add-ons developed for all types of solutions and applications. The most well-known provide new features for browsers, messenger services and tools such as WordPress. All of them, without exception, can cause significant security breaches at your company.
Plug-ins as an attack target
The widespread use of certain plug-ins is the main reason that some hackers have focused their attention on acquiring or using plug-ins to launch attacks. It should be noted that the nature of these add-ons, as well as their objective, is highly varied. All plug-ins are susceptible to security breaches, no matter what they are geared towards.
For example, for WordPress, plug-ins such as Display Widgets (with more than 200,000 users), Appointments (8,000 users), Captcha (300,000 users), and NextGEN Gallery (more than one million users) highlight the growing trend of using these add-ons to house attacks are insert malicious code These affect all users that visit a page that has the plug-in activated.
Browser plug-ins for Chrome, Firefox and Internet Explorer are not any less dangerous. For example, the well-known LastPass (password manager) has received criticism due to serious problems with security over the past year. Malicious software such as adware and hijacking software has appeared in these kinds of plug-ins. One of the best examples is from last year when Fireball managed to infect more than 250 million computers.
Although plug-ins vary widely, all have the potential to create security problems that often begin with a loss of control of the device: the appearance of pop-up ads, erratic behavior, etc. They can also cause data loss given that they collect personal information, including login information, and send it secretly. Furthermore, they can insert harmful software: viruses, all types of malware and backdoors.
Why plug-ins?
There are two main reasons that hackers pay so much attention to plug-ins. The first, as we mentioned, is the massive user base that many plug-ins have. Exploiting a security flaw of already established plug-ins is a sure bet for cyber criminals. The second reason is the diversity of available plug-ins.
The use of open-source solutions and wide variety of languages and tools have given rise to exponential growth of solutions to use in our day-to-day lives. However, all this has also resulted in potential security issues. These applications are in constant battle against hackers who are trying to exploit their vulnerabilities. The more diverse the panorama, the more possibilities there are of solutions being exploited.
For WordPress, the preferred techniques are using exploits and existing flaws in PHP, Ajax and Java, along with many others. This exponentially increases the possibility of a security problem. On the other hand, this affects visitors to the page as well as the servers where they are located, allowing for criminals to spread infections rapidly.
Plug-ins at companies
This should give us an idea of the potential impact the indiscriminate use of plug-ins can have on companies. If a corporate website uses this popular CMS (or a similar one such as Drupal, Joomla, etc.) company data, as well as that of servers and users, could be at risk.
One should know that add-ons in a company’s system, used as attack vectors, can cause huge data losses. What is the solution? Firstly, it is vital to have a good IT team and for employees to have a solid knowledge of security.
Secondly, intelligence and predictive security tools, such as Panda Adaptive Defense 360, are the best option to maintain an exhaustive control of a company’s network, foreseeing, preventing and remedying potential attacks thanks to its ability to monitor all system processes in real time.
Lastly, there is always taking the extreme measure of prohibiting plug-ins, both in a company’s browsers and well as on its website. There should be no problem for websites if they are “custom-built”. For browsers and apps, with proper control, the amount of damage that a company can suffer can be severely limited.